The present invention generally relates to distribution of digital files and information and, more particularly, relates to digital data distribution and knowledge accumulation and security in such distribution, including by detection, deterrence and disablement through the distribution system and method.
Within a communicatively networked enterprise, such as a company or other organization, it is typically desirable that files and other digitized information be freely and readily available for access and distribution throughout the organization to those requiring the information to perform work and benefit the organization. The organization, however, may nonetheless have concern that information should not be inappropriately distributed or used. This presents a conflicting situation to organizations. Conventional security measures for digitized information restrict distribution, access, and usage of the information. These restrictions, however, counter needs of the organization that most information be readily available and useable for appropriate purposes.
Most information within an organization is not confidential or propriety; thus, the information need not be restricted or limited in accessibility or usage to an extent required to maintain strict secrecy and confidentiality. The organization may nonetheless wish to know who is accessing and using the information, whether and how it is being used, and if further distribution of or access to the information is made. Even such information that is not confidential or proprietary may preferably be only distributed and used in appropriate manner.
Conventional information security measures have been implemented in organizations to protect digitized information from access and use. These measures, because restrictive of access to and use of the information, disrupt and impede information flows within the organization. Since much of the information within the organization need not be so securely maintained, disruptions and impediments imposed through conventional information security measures are problematic. Organizations typically do not wish to discourage distribution and use of information that is needed for proper purposes. Yet, this can be the outcome of conventional information security measures that operate to restrict access and use.
Technologies that restrict digital information access and use include so-called “digital rights management” or “DRM”. DRM refers to certain conventional technologies used for protection of digital content, such as consumer audio or audiovisual works and the like. DRM technologies conventionally encrypt data before distribution, and limit access to the encrypted data to only such end-users who acquire a proper license to access and use the data. DRM implementations tend to be complex, and they restrict distribution and usage. As has been mentioned, within an organization, restriction of accessibility and use is cumbersome and disruptive of normal and desired information flows through the organization for most types of information. Further, complexity of DRM implementation within an organization enterprise, and other similar conventional security measures, are not conducive to appropriate information distribution and usage in the enterprise and business environment.
Even though not ideal for use within business and similar applications where ease of access and use of information are often highly desirable, various schemes are presently implemented in networked organizations to limit or prevent access to and use of data. These schemes include DRM technologies, requiring that authorization licenses be obtained/granted for devices, users, and the like, in order to have permitted access to and use of information. Access and usage restrictions implemented with DRM schemes typically include: encryption of data that is to be accessed; obtaining of applicable license by devices/persons who desire to access and use the data; granting of unlock key for the encryption; network download or other access gathering of the data; and decryption by the end-user device/person via the key.
As mentioned, DRM is restrictive, complex, and management intensive. Multiple steps and procedures are required in order for an applicable end-user to gain access to and use of information. DRM tends, therefore, to impede distribution and use of information, even information that need not be confidentiality protected or otherwise highly secured and that is valuable and appropriate for access and use. Complexity of DRM implementations, as well as the managerial requirements, expense, and other problems associated therewith, render these conventional information security technologies less than suitable for the organization or enterprise.
The term “Enterprise Digital Rights Management” (E-DRM or ERM) has been used in some instances to refer to use of DRM technology to control access to corporate documents (Microsoft Word, PDF, and the like), as differentiated from DRM for consumer media. In the business environment, this E-DRM technology is essentially the same as DRM, and requires all of the steps and security/restriction aspects mentioned above. Like DRM, E-DRM also requires the complex and costly infrastructure and intensive management mentioned. E-DRM systems in the corporate environment can take years to implement across the enterprise. When implemented, distribution and normal information flows within the enterprise are impeded and disturbed. Even authorized information recipients within an organization or partner base, for example, must obtain authorizations, licenses, keys and the like. This usually requires user installations and/or appropriate equipment to gain the required rights and capabilities to access and use the E-DRM protected data. Infrastructure requirements likewise are extensive, and include rights management facilities, databases, and aspects, and management, security and oversight thereof.
In E-DRM implementations, information distribution by authorized persons, including further distributions by authorized recipients (such as internally in the enterprise to others who should have or need access), are even further restricted and limited by DRM and E-DRM security measures. Applicable rights to and for information must be obtained, installed and otherwise invoked for further distributions and by each recipient. Security protection afforded through these implementations can nonetheless be circumvented by unauthorized persons. Conventional DRM and E-DRM, therefore, are not suited for many environments, including particularly business organizations and enterprises and the like.
Knowledge about data and information distribution, and of usage of the distributed data, rather than restriction of access and use through DRM, can be advantageous to the enterprise in many situations. Within the enterprise, for example, most information in digital form is not so confidential as justifying restriction and complexity of DRM schemes. The information is preferably more easily distributable and usable. It can be important, however, to have knowledge of the access and use being made of the information, whether or not other protections are implemented. Conventional restrictive security measures, such as DRM, are not targeted to obtaining knowledge of distribution, access and use of data. Instead, the conventional measures focus on restricting distribution, access and use. In most enterprises and as to most information of the enterprise, knowledge of distribution, access and use can be more valuable and effective than more strict restrictions.
Particularly, detection, deterrence and disablement capabilities as to information distributed, accessed and used in the enterprise can provide significant advantages and benefits over DRM and other restrictive security schemes. It would, therefore, be a new and significant improvement and advance in the art and technology to provide distribution-knowledge and use-security for distributed digital data. Distribution and normal intended information flows are not significantly impeded or negatively affected through such measures, as with conventional technologies and practices. Moreover, such measures are more economical and less complex to implement and manage. The present inventions provide numerous advantages and improvements, including improvements and nuances in the foregoing respects.